Well it has been another busy month for computer security with the release of yet more exploits, and new viruses. A great many people also attended the RSA Conference at San Francisco including myself. I must say it was neat to actually hear Bill Gates talk at the conference. All comments about his business practices aside, he is still very much an alpha geek. Computer networks probably would not be where they are today without Microsoft. On that note let's take a look at some of this past month's interesting posts.

Compilers

Most everyone who plans to learn how to program in a language such as C or C++ will have to have a compiler. In this thread one of our members wants to know of a good and free compiler for C++. For those of you who are not very aware of programming concepts having a compiler is crucial to transform what is simple ASCII to a binary program. I recall an episode at work several years ago where a co-worker was wondering why his program was not working. Long story short is that he was wondering how come his uncompiled code would not work. I had tears in my eyes I laughed so hard.

Program that will start/stop another program on a schedule

This thread was a topic that I was recently talking about to some people, and also experimenting at home with. The issue is using a program native to win32 to both start and stop a program. We see in the answers that the at command will start a program at a specific time for you. Problem is how do you then stop the program, as the poster wanted to know. Well the same answer given is the one I thought the simplest as well; use a batch script. Now this brings me to the reason I was speaking to some colleagues about this topic. If you think your machine has been compromised it is always wise to take a look at the scheduled tasks on the computer. For instance were I to compromise a computer I would use the start command to invoke the win32 port of netcat, and then shut it down a little while later. This way the compromised computer is not hijacked by other malicious hackers. You may have heard me say this before, but it pays to be able to think, and act like the enemy.

Protection from null sessions

Null sessions is a topic, which I have found often misinterpreted by knowledgeable people. It is also one of the most common mistakes made when securing a computer prior to connecting to the internet. In a nutshell null sessions are a way for a malicious hacker to harvest some much needed information from the computer. Information such as usernames, and services can be enumerated via said null session. Also adding to the problem are a variety of tools, which will make short work of this task for the malicious hacker. You must remember to secure this possible point of entry. Please check this link for some excellent reading on the topic.

Is Linux immune to viruses/trojans/worms and breaches?

Quite a few Linux users like to hype the fact that they are far safer from the plethora of Windows security problems; viruses, trojans, worms, and other malware. It is this very question though that the forum member poses, i.e.: is Linux more secure? Only a naïve person would believe that this is actually the case. The malicious hacker will always code their exploit for the largest market share. For the time being this is still a 95% Windows networked world. Largely due to this is why Linux has emerged relatively unscathed. A savvy administrator though can harden a Windows computer so as to make it far harder to compromise. The bottom line, and answer to this thread is that no operating system is secure, you need to harden it.

Self teach Security+ ?

The poster asks the question of whether or not one can prepare for the Security+ plus exam on one's own. Evidenced by answers in the thread the answer is yes you can. Having the Security+ plus under your belt will help prepare you for some of the other heavy weight certifications. These would be Cisco specific ones, CISSP, GIAC certs amongst others. What these last ones mentioned have in common though is the prohibitive price of them. Not to mention the fact that certs such as GIAC are simply getting more expensive while providing less. Plus the fact that recently the certification requirements have been watered down. If you are a CISSP holder then you are also aware of the yearly "maintenance" fee that has been recently introduced. A universal theme here is that getting certified is not only getting more expensive, some of their value is becoming questioned.

Go into military in order to get into security

A forum member asks the question of whether or not it is a good idea to join the military to get experience in the IT field. Well I for one answered in this thread that it is how I got my experience, and security clearance. About the only other way I have ever heard of is that of the system administrator crossing over to IT security. That still leaves the question of how the heck do you get a security clearance. Being in the military is one of the easiest, but you must remember that you will need to have this clearance transferred over to your civilian employer once you depart the military. Barring joining the military you simply can't beat getting a university education in a computer related stream to get you where you want to go.

Well that wraps up this month's column. If there has been one overriding theme for this column it has been security, and the certifications for it. Do yourself a favour and do your homework in both departments. It will save you not only money, but also your time.

Last edited by alt.don on Fri Apr 01, 2005 10:53 pm; edited 1 time in total

I think that this thread really demonstrates that the science of cryptography can be daunting to anyone who just wants to 'get things done'. To summarize the thread, Bungle was basically asking for how so called 'experts', who understand the cryptography, go about actually using it. He was inquiring about which programs and ciphers to use and what parameters to specify. This resulted in a very large amount of interesting discussion which touched on a variety of subjects including creating known-good versions of encryption programs that have had their source code checked by a member of sfdc, key size, tempest technology, rainbow cracking, authentication and data integrity, and the possible creation of 'how-to' guides for people who need help with their cryptography needs.

This thread spurred me on to create a few more tutorials for 'newbies', which will hopefully be up on sfdc soon. So from me it's a 'well done' to Bungle for starting such an interesting thread.

I feel that the Ultra Paranoid Extreme Hardcore Encryption An Idiot's Guide thread started over in the cryptography section by Bungle is worthy of a mention.

Oh, ... mate ... what can I say? I'm so embarrassed. I thought you had stopped reading that thread!!

Quote:

I think that this thread really demonstrates that the science of cryptography can be daunting to anyone who just wants to 'get things done'.

You understood it completely!! When I first started encrypting I didn't have much of an interest in it and as I said to you before I did feel a little guilty. I just wanted to get started but in a safe way. I must admit I'm hooked now and I have been doing a lot of reading on the subject!! In fact I'm so good at cryptography now I can understand a whole 0.3% of what JT talks about!!

Quote:

To summarize the thread, Bungle was basically asking for how so called 'experts', who understand the cryptography, go about actually using it. He was inquiring about which programs and ciphers to use and what parameters to specify. This resulted in a very large amount of interesting discussion which touched on a variety of subjects including creating known-good versions of encryption programs that have had their source code checked by a member of sfdc, key size, tempest technology, rainbow cracking, authentication and data integrity, and the possible creation of 'how-to' guides for people who need help with their cryptography needs.

Yes err, ... sorry about the "very large amount of interesting discussion". I must admit I did start to ramble on a bit and go a little off subject! Sorry, but I am new to forums, in fact this is the first forum I've ever joined. I started to reply to the people directly like in an e-mail and not writing in a forum like way.

Quote:

This thread spurred me on to create a few more tutorials for 'newbies', which will hopefully be up on sfdc soon. So from me it's a 'well done' to Bungle for starting such an interesting thread.

Excellent this is great news!! This is everything I wanted the thread to be about. I'm so glad you have been working away in the background on your new tutorials!! I honestly thought you had got bored of the thread! It would be fantastic if the last post on that thread could be a group of links to your new tutorials. JT has said he might compile his posts together and I hope to be able to link to those too. Your work will help many people I'm sure. I myself managed to help someone on this forum tonight with a hard drive problem and it's a great feeling isn't it. Because I don't know much about, well, much about anything really the best thing I could do was to get someone like yourself, Datah and JT to explain things to us mere mortals!!

So thank you very much Martin for your kind words about my thread and particularly for working on those new tutorials !!